The internal policies and procedures must implement and comply with all relevant regulatory and legal requirements pertaining to AML/CFT and include risk assessment of clients and transactions, CDD measures, record retention, the scrutiny of transactions undertaken throughout the course of the business relationship, the analysis of unusual transactions, the obligation to make a suspicious transaction report to the unit, and adequate screening procedures to ensure high standards when hiring employees. The internal policies, procedures, systems and controls should be consistent with the licensed person’s size, and nature and scope of operations and should be adopted by the Board of Directors of the Licensed Person.